aboutsummaryrefslogtreecommitdiff
path: root/main.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2015-12-08 16:13:29 +0100
committerJakob Unterwurzacher2015-12-08 16:17:04 +0100
commitc6dacd6f913b4c6eb7a8917af49190dce32db108 (patch)
treec0fd9a08f42c37bd977b95d2bb0a7c96226045c1 /main.go
parentff8c81f95b311eb1cd9c822202519f1a90a8cdd4 (diff)
Add EME filename encryption & enable it by default
Diffstat (limited to 'main.go')
-rw-r--r--main.go20
1 files changed, 17 insertions, 3 deletions
diff --git a/main.go b/main.go
index 9da89ab..06864d5 100644
--- a/main.go
+++ b/main.go
@@ -35,7 +35,7 @@ const (
type argContainer struct {
debug, init, zerokey, fusedebug, openssl, passwd, foreground, version,
- plaintextnames, quiet, diriv bool
+ plaintextnames, quiet, diriv, emenames bool
masterkey, mountpoint, cipherdir, cpuprofile, config, extpass string
notifypid, scryptn int
}
@@ -55,7 +55,7 @@ func initDir(args *argContainer) {
// Create gocryptfs.conf
cryptfs.Info.Printf("Choose a password for protecting your files.\n")
password := readPasswordTwice(args.extpass)
- err = cryptfs.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn)
+ err = cryptfs.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn, args.emenames)
if err != nil {
fmt.Println(err)
os.Exit(ERREXIT_INIT)
@@ -146,6 +146,7 @@ func main() {
"file names")
flagSet.BoolVar(&args.quiet, "q", false, "Quiet - silence informational messages")
flagSet.BoolVar(&args.diriv, "diriv", true, "Use per-directory file name IV")
+ flagSet.BoolVar(&args.emenames, "emenames", true, "Use EME filename encryption. This option implies diriv.")
flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key")
flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file")
flagSet.StringVar(&args.config, "config", "", "Use specified config file instead of CIPHERDIR/gocryptfs.conf")
@@ -262,7 +263,7 @@ func main() {
printMasterKey(masterkey)
}
// Initialize FUSE server
- cryptfs.Debug.Printf("args: %v\n", args)
+ cryptfs.Debug.Printf("cli args: %v\n", args)
srv := pathfsFrontend(masterkey, args, confFile)
cryptfs.Info.Println("Filesystem ready.")
// We are ready - send USR1 signal to our parent
@@ -289,13 +290,26 @@ func pathfsFrontend(key []byte, args argContainer, confFile *cryptfs.ConfFile) *
OpenSSL: args.openssl,
PlaintextNames: args.plaintextnames,
DirIV: args.diriv,
+ EMENames: args.emenames,
}
// confFile is nil when "-zerokey" or "-masterkey" was used
if confFile != nil {
// Settings from the config file override command line args
frontendArgs.PlaintextNames = confFile.IsFeatureFlagSet(cryptfs.FlagPlaintextNames)
frontendArgs.DirIV = confFile.IsFeatureFlagSet(cryptfs.FlagDirIV)
+ frontendArgs.EMENames = confFile.IsFeatureFlagSet(cryptfs.FlagEMENames)
}
+ // EMENames implies DirIV, both on the command line and in the config file.
+ if frontendArgs.EMENames {
+ frontendArgs.DirIV = true
+ }
+ // PlainTexnames disables both EMENames and DirIV
+ if frontendArgs.PlaintextNames {
+ frontendArgs.DirIV = false
+ frontendArgs.EMENames = false
+ }
+ cryptfs.Debug.Printf("frontendArgs: ")
+ cryptfs.Debug.JSONDump(frontendArgs)
finalFs := pathfs_frontend.NewFS(frontendArgs)
pathFsOpts := &pathfs.PathNodeFsOptions{ClientInodes: true}